I'm not sure how that would make any difference at all. The problem is that it's hard for sshd to maintain the necessary state across multiple invocations when it's being invoked once per connection rather than having a master process that can trivially keep track of all the inter-connection state it needs.
Persisting the necessary state in the filesystem somewhere would no doubt be in principle possible, but would require careful locking and such, and would add more code to the pre-authentication attack surface. Upstream is in general very cautious about such changes, and I think rightly so. AFAICS even Fedora doesn't do this yet, and one would normally expect them to be enthusiastic about pushing for systemd-specific enhancements. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1576353 Title: Install openssh-server with disabled password auth by default on servers Status in Ubuntu CD Images: New Status in openssh package in Ubuntu: Triaged Bug description: we want to remove 'cloud-image' seed and join it with 'server' seed. openssh-server is one of the few (3) packages that are in cloud image and not in 'ubuntu-server'. We'd like to have the server iso install openssh-server by default and prompt the user if they want to enable it or not. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-cdimage/+bug/1576353/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
